Hello guys,
I'm creating my own website-it's coming along very well but I'm stuck. There is a login, so that you can login to your account. Each account has an access of 1-10, if your access is 0 you are not logged in. When you put your username and password it checks all of the accounts in the mySQL database. That all works fine, but along with this is a forum, if you are logged in you can post ext.. in the forum, if your not logged in you can only view it. I made it so you can view it but how would i have a variable that worked through all the pages in my website so the forum could say do they have an access of greater than 0?
So i thought... Sessions

My default.php runs includes the different things which include each other and it all works out so that its always "technically" on default.php.

<?php
// Start the session
session_start();
$_SESSION['Username'] = "";
$_SESSION['Access'] = 0;
?>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
    <title>Website</title>
</head>
<body>
<table width="100%" height="100%" border="0">
<tr height="1%">
<td>
<?php require "menubar.php"; ?>
</td>
</tr>
<tr height="10%">
<td>
<?php require "logo.php"; ?>
</td>
</tr>
<tr valign="top">
<td>
<?php require "main.php"; ?>
</td>
</tr>
</table>
</body>
</html>

I'm not sure if I just don't know how to use Session variables or I'm using them wrong.

here is login.php

<html>
<body>
<?php
if(strlen($_POST['user']) == 0 || strlen($_POST['pass']) == 0)
{
    echo "
    <center>
    <form action=\"?page=Login\" method=\"post\">
    <table border=\"0\" width=\"75%\">
    <tr>
    <td>
    Username: 
    </td>
    <td>
    <input type=\"text\" name=\"user\" />
    </td>
    </tr>
    <tr>
    <td>
    Password: 
    </td>
    <td>
    <input type=\"password\" name=\"pass\" />
    </td>
    </tr>
    <tr>
    <td>
    <input type=\"submit\" value=\"Login\" />
    <td>
    </tr>
    </table>
    </form>
    </center>
    ";
}
else
{
    $mysql_host = "";
    $mysql_database = "";
    $mysql_user = "";
    $mysql_password = "";

    $con = mysql_connect($mysql_host,$mysql_user,$mysql_password);
    if(!$con)
    {
        die('Could not connect: ' . mysql_error());
    }
    
    mysql_select_db($mysql_database,$con);

    $result = mysql_query("SELECT * FROM Accounts");
    while($row = mysql_fetch_array($result))
    {
        if($row['Username'] == $_POST['user'] && $row['Password'] == $_POST['pass'])
        {
             $_SESSION['Username'] = $row['Username'];
             $_SESSION['Access'] = $row['Access'];
             echo "<a href=?page=UserCP>You have successfully logged in click here to access User CP.</a>";
        }
    }
}
?>
</body>
</html>

Thanks and i hope you guys can help me..

Try making this default.php

<?php
// Start the session
session_start();
if (empty($_SESSION['Username']) || !isset($_SESSION['Username'])) {
    $_SESSION['Username'] = "";
    $_SESSION['Access'] = 0;
    }
?>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
    <title>Website</title>
</head>
<body>
<table width="100%" height="100%" border="0">
<tr height="1%">
<td>
<?php require "menubar.php"; ?>
</td>
</tr>
<tr height="10%">
<td>
<?php require "logo.php"; ?>
</td>
</tr>
<tr valign="top">
<td>
<?php require "main.php"; ?>
</td>
</tr>
</table>
</body>
</html>

And this login.php

<?php
session_start();
?><html>
<body>
<?php
if(strlen($_POST['user']) == 0 || strlen($_POST['pass']) == 0)
{
    echo "
    <center>
    <form action=\"?page=Login\" method=\"post\">
    <table border=\"0\" width=\"75%\">
    <tr>
    <td>
    Username: 
    </td>
    <td>
    <input type=\"text\" name=\"user\" />
    </td>
    </tr>
    <tr>
    <td>
    Password: 
    </td>
    <td>
    <input type=\"password\" name=\"pass\" />
    </td>
    </tr>
    <tr>
    <td>
    <input type=\"submit\" value=\"Login\" />
    <td>
    </tr>
    </table>
    </form>
    </center>
    ";
}
else
{
    $mysql_host = "";
    $mysql_database = "";
    $mysql_user = "";
    $mysql_password = "";

    $con = mysql_connect($mysql_host,$mysql_user,$mysql_password);
    if(!$con)
    {
        die('Could not connect: ' . mysql_error());
    }
    
    mysql_select_db($mysql_database,$con);

    $result = mysql_query("SELECT * FROM Accounts");
    while($row = mysql_fetch_array($result))
    {
        if($row['Username'] == $_POST['user'] && $row['Password'] == $_POST['pass'])
        {
             $_SESSION['Username'] = $row['Username'];
             $_SESSION['Access'] = $row['Access'];
             echo "<a href=?page=UserCP>You have successfully logged in click here to access User CP.</a>";
        }
    }
}
?>
</body>
</html>

I will have to macgyver a login tutorial which reminds me I need to upload that other video tutorial tonight. Hope that helps.

worked tyvm, so i knew how to do it but i had to include the session start over every page that uses the session. Thanks.

ohhh that ws a silly mistake... i didnt notice it at all when i read ur code fr 1st time.. gud job cwarn !!!

worked tyvm, so i knew how to do it but i had to include the session start over every page that uses the session. Thanks.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.